v0.0.9

Major Update

We are no longer using wg-quick(8) on the backend. Slight XML changes, but we are attempting to upgrade the XML as needed moving forward. As always, make backups before upgrading!

https://www.youtube.com/watch?v=X6WGsbrPkb0

v0.0.8

Note: This update contains changes to the XML structure that are not backwards compatible. Please backup your configuration, remove the old version of the package using pkg remove pfSense-pkg-WireGuard and make sure your config.xml is clean (delete <wireguard>...</wireguard> from <installedpackages>

Make sure to watch the latest project status update here : https://www.youtube.com/watch?v=tzCxxHj9OHw

This includes a fix for the Peer Allowed IPs bug mentioned here (https://www.youtube.com/watch?v=tzCxxHj9OHw)

This also includes big updates to wireguard-kmod and wireguard-tools

Parity with Netgate PR.

v0.0.7_1

Parity with Netgate PR

v0.0.7

Parity with PR request with Netgate

This has been superseded by v0.0.7_1

v0.0.6_3

This is a fix for the PHP errors in 2.6.0 reported in #31

This should work on 2.6.0 and 2.5.1

v0.0.6_2

A minor release with some cleanup and final touches before submitting the package to Netgate for review.

v0.0.6_1

This is a pretty significant release and includes some breaking changes! Please watch the latest progress report video here.

• WireGuard tunnel interfaces have been renamed from wg to tun_wg (#27)
• Old configuration using the old wg names will not port over to the tun_wg names. This will very likely be the last breaking change to the schema moving forward, unless something happens upstream that necessitates a change on our end (#27)
• Removed all earlyshellcmds and all extra scripts as these are no longer needed (#27)
• Renamed blur secrets to hide secrets and we are now using a password field instead. Deterministic blurring using css text-shadow is cosmetically pleasing but trivial to crack (issue not tracked on GitHub)

Reminder that if you intend to route traffic over a tunnel using policy-based routing, you will need to create your own gateway definition as the package does not create this for you! Treat these tunnels like any other WAN.

v0.0.5_1

This release includes some code cleanup and a fix for form validation issues when re-saving assigned tunnels. This also bumps the kmod package to the latest build.

v0.0.5_0

This is a major update. Tons of backend changes. Assigned interfaces should survive a reboot! I'm now using wg syncconf to perform soft reconfiguration of assigned interfaces. It seems to work well and as intended.

v0.0.4_2

This release bumps wireguard-kmod and wireguard-tools to the latest ports

There is also some in-progress improvements concerning package install/de-install and some overall refactoring.

There is a known issue with assigned interfaces losing their address(es) during system startup. Until this is fixed, you will need to re-save the assigned interface and apply settings.

This has also been tested on pfSense 2.5.1 (non-RC) and the latest 2.6.0 development snapshots.

Get all of these packages onto your pfSense box and run

pkg add pfSense-pkg-WireGuard-0.0.4_2.txz